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REMARKS 

Claims 1, 4, 5, 7, 10, 13-16, and 19-21 were previously pending in this application. By 
this amendment, claims 1, 4, 7, 10, 13, 14, 16, 19, 21 have been amended. As a result claims 1, 
4, 5, 7, 10, 13-16, and 19-21 are pending for examination with claims 1, 16, 19 and 21 being 
independent claims. No new matter has been added. 

Rejections Under 35 U.S.C. §103 

The Final Office Action dated November 12, 2009 (hereinafter the "Office Action") 
rejected claim 1, 4-5, 7, 10, 13-16, and 19-21 under 35 U.S.C. §103(a) as being unpatentable 
over U.S. Publication No. 2002/0178383 to Hrabik et al. (hereinafter Hrabik) in view of Albitz et 
al. (DNS and BIND) (hereinafter Albitz). In response, Applicant has amended the independent 
claims 1, 16, 19 and 21 and respectfully submits the following remarks. 

Applicant respectfully asserts that claims 1, 16, 19, and 21, as amended, patentable 
distinguish over Hrabik and Albitz, alone or in proper combination, because neither Hrabik or 
Albitz teach or suggest "determining a first mapping in a domain naming system, the act of 
determining the first mapping comprising an act of obtaining an authoritative mapping from an 
authoritative source of domain information in the domain naming system ," "comparing the first 
mapping to the second mapping and identifying at least one discrepancy between the first and 
second mapping," " and wherein the domain nameserver is a non-authoritative source for the 
second mapping in the domain naming system " as recited in each of claims 1, 16, and 19 as 
amended; or a detector "further adapted to compare the first mapping to the second mapping and 
to identify at least one discrepancy between the first mapping and second mapping," "wherein 
the detector is configured to obtain an authoritative mapping represented by the first mapping 
from an authoritative source of domain name information in the domain naming system " and 
"determining a second mapping in the domain naming system. . . wherein the domain nameserver 
is a non-authoritative source for the second mapping in the domain naming system ." as recited 
in claim 21, as amended herein. (Emphasis added.) Notably, according to one embodiment, by 
permitting comparison and identification of discrepancies between authoritative and non- 
authoritative in a domain naming system, an administrator may be able to detect whether caching 
nameservers (examples of non- authoritative sources of domain information) have been poisoned 
(Please see Page 2, line 19 through Page 3, line 27 of the Instant Specification). 
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Hrabik is directed to a system for verifying the integrity of devices on a target network. 
(Hrabik, Abstract). The system has security subsystems and a master security system 
hierarchically connected to the security subsystem via a secure link. (Hrabik, Abstract). The 
target network includes various intrusion detection devices, which may be part of the security 
subsystem. (Hrabik, Abstract). Each intrusion detection device generates a plurality of event 
messages when an attach on the network is detected. (Hrabik, Abstract). The security subsystem 
collects these event messages, correlates, and analyzes them, and performs network scanning 
processes. (Hrabik, Abstract). If certain events warrant additional scrutiny, they are uploaded to 
the master security system for review. (Hrabik, Abstract). 



Hrabik also discusses, in Paragraph [0069]: 

In addition to the vulnerability and visibility scans, the master system 60 also verifies 
services that directly affect the target network's connectivity but are typically out of the 
network's control. This verification assessment ensures that company's domain name was 
not "hijacked." The master security system conducts a verification assessment of all 
information sources involved in network connectivity verifying information from a root 
domain name servers all the way through to a primary and a secondary web servers. The 
verification scan is performed for the entire IP address group of the target company. For 
example, when a target company has six IP addresses four of which are open and utilized 
and two of which are blocked and not accessible, the verification scan determines 
whether the blocked addresses remain unaccessible and whether the open addresses 
remain accessible. The assessment also includes a verification that when users are trying 
to access the network's website by typing "www.company.com," they get to the proper 
website and their e-mail goes to the proper server. The master system also verifies 
information at the Who is database of the registration provider to ensure that contact and 
authorization information has not been changed. To protect target's website, the master 
system may also check whether the text, graphics and other information contained on the 
website was not altered by intruders. The master system may also test functionality of 
target's e-commerce and other on-line applications to assure that the entire web system is 
operational and any problems may be addressed immediately. The master system also 
tests and verifies external (Internet) routing information, DNS info, netbios information, 
access control, etc. (Hrabik, Paragraph [0069].) 

Thus, Hrabik is not concerned with comparing a first mapping of authoritative 
information in a domain naming system to a second mapping of non-authoritative information in 
the domain naming system and identifying at least one discrepancy between the first and second 
mapping, as recited in each of claims 1, 16, and 19; or a detector further adapted to compare the 
first mapping of authoritative information in the domain naming system to the second mapping 
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of non- authoritative information in the domain naming system and to identify at least one 
discrepancy between the first mapping and second mapping, as recited in claim 21, as amended 
herein. Hrabik performs no such comparison between any first and second mapping of 
authoritative information. Rather, Hrabik is concerned with making sure a computer can get to a 
particular network's website, and that e-mail of a user goes to the proper server. (Hrabik, 
Paragraph [0069].) Hrabik does this by attempting to connect to various system resources by 
accessing their addresses. (Hrabik, Paragraph [0069].) Hrabik also discloses accessing 
information at a Whois database of the registration provider to ensure that contact and 
authorization information has not been changed. (Hrabik, Paragraph [0069].) However, Hrabik 
does not teach or suggest that this information is a mapping of a namespace to a resource in a 
domain naming system, nor does it teach or suggest that any such mapping of authoritative 
information will be compared to a second mapping of authoritative information to non- 
authoritative information. Hrabik also does not teach or suggest a method or apparatus for 
identifying at least one discrepancy between a first mapping of authoritative information and a 
second mapping of non- authoritative information. For at least these reasons, Hrabik does not 
teach or suggest all of the limitations of each of claims 1, 16, 19, and 21 as amended. 

Albitz fails to cure the deficiencies of Hrabik because Albitz is also not concerned with 
comparing a first mapping of authoritative information to a second mapping of non- authoritative 
information and identifying at least one discrepancy between the first and second mapping, as 
recited in each of claims 1, 16, and 19; or a detector further adapted to compare the first mapping 
of authoritative information to the second mapping and to identify at least one discrepancy 
between the first mapping and second mapping, as recited in claim 21, as amended herein. 

Albitz is directed to a conventional DNS system. Albitz is referenced in the Background 
section of the instant Application (located on Pages 1-2 of the instant Application), and describes 
a conventional configuration and function of nameservers typically used in the Internet and 
enterprises for resolving names to IP addresses. Specifically, it discloses a method whereby a 
user may copy information about a zone corresponding to a system resource. (Albitz, Page 220, 
"Zone Transfers," Paragraph 1.) Zone data can be transferred to an output file. (Albitz, Page 
220, "Zone Transfers," Paragraph 3.) 

Even if such zone data can be considered a mapping, and Applicants in no way concede 
that it can, Albitz does not teach or suggest performing a comparison between any first mapping 
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of authoritative information and second mapping of non-authoritative information. Rather, 
Albitz merely discloses the idea of transferring zone data into an output file. (Albitz, Page 220, 
"Zone Transfers," Paragraph 3.) Albitz also does not teach or suggest a method or apparatus for 
identifying at least one discrepancy between a first mapping of authoritative information and a 
second mapping of non- authoritative information. For at least these reasons, Albitz does not 
teach or suggest all of the limitations of each of claims 1, 16, 19, and 21. 

Accordingly, independent claims 1, 16, 19, and 21 are patentable for at least the reasons 
described above. Each of claims 4, 5, 7, 10, 13-15, 20, and 21, depend directly or indirectly 
from one of independent claims 1, 16, 19, and 21, and are patentable at least for the same reasons 
as the independent claim from which they depend, respectively. For at least all of the above 
reasons, Applicants respectfully request reconsideration and withdrawal of the rejection of 
claims 1, 4-5, 7, 10, 13-16, and 19-21 under 35 U.S.C. § 103(a). 
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CONCLUSION 

In view of the foregoing amendments and remarks, reconsideration is respectfully 
requested. This application should now be in condition for allowance; a notice to this effect is 
respectfully requested. If the Examiner believes, after this amendment, that the application is not 
in condition for allowance, the Examiner is requested to call the Applicant's attorney at the 
telephone number listed below. 

If this response is not considered timely filed and if a request for an extension of time is 

otherwise absent, Applicant hereby requests any necessary extension of time. If there is a fee 

occasioned by this response, including an extension fee, that is not covered by an enclosed 

check, please charge any deficiency to Deposit Account No. 50/2762. 

Respectfully submitted, 

Gerald R. Malan, et ah, Applicants 



By: /Edward J. Russavage/ 

Edward J. Russavage, Reg. No. 43,069 
LANDO & ANASTASI, LLP 
One Main Street 

Cambridge, Massachusetts 02142 
United States of America 
Telephone: 617-395-7000 
Facsimile: 617-395-7070 
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